Thursday 14 January 2016

Silverlight Zero-Day Exploit: Hacking Team Breach Helps Kaspersky Lab

ZERO-DAY EXPLOIT: An unknown flaw or exploit that exposes a vulnerability in software or hardware. It can create complicated problems well before anyone realizes that something is wrong, and it leaves no opportunity for detection.

Silverlight had a critical vulnerability that let attackers remotely execute code after a user visited a compromised website; as of now it has been patched by Microsoft. Silverlight can be registered in both Internet Explorer and Mozilla Firefox. In 2014, to protect its users, Google disabled plug-in support in Chrome.

An attacker can use any route to reach a user’s system, such as e-mail or social media. If the user is logged in as an administrator, the attacker would have complete control over the system and would then be free to make any changes to the user’s computer, such as installing and removing programs or viewing and modifying data. The attacker would also have the privileges to create new user accounts. Silverlight is not very well known, but it is still used by a wide number of people and organizations, such as Netflix and other providers.

Microsoft said that “it was unaware of any attack attempting to exploit this vulnerability”. In contrast, Kaspersky Lab claims that “At a very first time researchers discovered the bug which may have been used in limited targeted attacks.”

In late November, Kaspersky caught the Silverlight exploit after the zero-day infected a user’s system.

It all started with the following:

“Phineas Fisher stole 400 GB of the Italian firm Hacking Team’s data in July 2015, which included email and much other controversial data. Due to this hack, the company’s business practices were exposed, meaning the way they work and everything, along with the business of zero-day sellers who were trying to market their exploits to Hacking Team.”

Microsoft’s security bulletin states:

“A remote code execution vulnerability exists when Microsoft Silverlight decodes strings using a malicious decoder that can return negative offsets that cause Silverlight to replace unsafe object headers with contents provided by an attacker.”

Vitaliy Toropov coded the DLL that implements the Silverlight exploit from 2013.

